- <?php
- /*
- PHP at the bottom of the page is not good!
- Advice: there is no point in loading all the SESSIONS; on your PANEL page, a foreach that retrieves the user's information is enough.
- I added an INSERT INTO at the end for the login logs; if you keep it, you will have to create a logs table.
- In your old login code you forgot quite a few important things, notably "htmlspecialchars" or "htmlentities", which protects you against XSS injections.
- Too much PHP is pointless ;)
- If you want to secure your PANEL page, here is the code:
- if (empty($_SESSION['user']) OR empty($_SESSION['mail'])) {
- header("Location: ../index.php");
- exit; // stop here so the rest of the panel is not rendered
- }
- Regarding the foreach:
- $req = $bdd->prepare("SELECT * FROM pn_users WHERE mail = ?");
- $req->execute(array($_SESSION['mail'])); // bound parameter instead of string concatenation
- foreach ($req as $row) {
- $prenom = $row['prenom'];
- $nom = $row['nom'];
- $rank = $row['rank'];
- }
- */
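- // $bdd must be a PDO connection opened before this point (not shown in this paste).
- if (session_status() === PHP_SESSION_NONE) {
- session_start(); // $_SESSION is only persisted once the session is started
- }
- $msg = ''; // message displayed above the login form
- if (isset($_POST['submit'])) {
- $pseudo = htmlspecialchars($_POST['user'] ?? '');
- // Unsalted SHA-1, kept so the lookup still matches the hashes already stored in pn_users.
- $password = sha1($_POST['password'] ?? '');
- // Test the raw password: sha1('') is a non-empty string, so testing the hash never fails.
- if (!empty($pseudo) AND !empty($_POST['password'])) {
- $req = $bdd->prepare("SELECT * FROM pn_users WHERE user = ? AND password = ?");
- $req->execute(array($pseudo, $password));
- $result = $req->rowCount();
- if ($result == 1) {
- $userinfo = $req->fetch();
- $_SESSION['user'] = $userinfo['user'];
- $_SESSION['mail'] = $userinfo['mail'];
- $ip = $_SERVER['REMOTE_ADDR'];
- $date = date("d-m-Y H:i:s");
- // Log the login; requires the logs table mentioned in the comment above.
- $req = $bdd->prepare("INSERT INTO logs (user, mail, date, ip) VALUES (?, ?, ?, ?)");
- $req->execute(array($userinfo['user'], $userinfo['mail'], $date, $ip));
- header("Location: ./panel.php");
- exit; // stop rendering the login page after the redirect
- } else {$msg = 'Erreur : Le pseudo ou le mot de passe est invalide.';}
- } else {$msg = 'Erreur : tous les champs doivent être remplis.';}
- }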
- ?>
- <!DOCTYPE html>
- <html lang="en">
- <head>
- <!-- Required meta tags-->
- <meta charset="UTF-8">
- <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
- <meta name="description" content="Accès panel serveur YourDev.fr">
- <meta name="author" content="Alex YourDev">
- <meta name="keywords" content="YourDev">
- <!-- Title Page-->
- <title>YourDev: Connexion</title>
- <!-- Fontfaces CSS-->
- <link href="css/font-face.css" rel="stylesheet" media="all">
- <link href="vendor/font-awesome-4.7/css/font-awesome.min.css" rel="stylesheet" media="all">
- <link href="vendor/font-awesome-5/css/fontawesome-all.min.css" rel="stylesheet" media="all">
- <link href="vendor/mdi-font/css/material-design-iconic-font.min.css" rel="stylesheet" media="all">
- <!-- Bootstrap CSS-->
- <link href="vendor/bootstrap-4.1/bootstrap.min.css" rel="stylesheet" media="all">
- <!-- Vendor CSS-->
- <link href="vendor/animsition/animsition.min.css" rel="stylesheet" media="all">
- <link href="vendor/bootstrap-progressbar/bootstrap-progressbar-3.3.4.min.css" rel="stylesheet" media="all">
- <link href="vendor/wow/animate.css" rel="stylesheet" media="all">
- <link href="vendor/css-hamburgers/hamburgers.min.css" rel="stylesheet" media="all">
- <link href="vendor/slick/slick.css" rel="stylesheet" media="all">
- <link href="vendor/select2/select2.min.css" rel="stylesheet" media="all">
- <link href="vendor/perfect-scrollbar/perfect-scrollbar.css" rel="stylesheet" media="all">
- <!-- Main CSS-->
- <link href="css/theme.css" rel="stylesheet" media="all">
- </head>
- <body class="animsition">
- <div class="page-wrapper">
- <div class="page-content--bge5">
- <div class="container">
- <div class="login-wrap">
- <?php
- echo $msg;
- ?>
- <div class="login-content">
- <div class="login-logo">
- <a href="#">
- <img src="images/icon/logo.png" alt="CoolAdmin">
- </a>
- </div>
- <div class="login-form">
- <form action="./index.php" method="post">
- <div class="form-group">
- <label>Utilisateur YourDev</label>
- <input class="au-input au-input--full" type="text" name="user" placeholder="Nom d'Utilisateur YourDev">
- </div>
- <div class="form-group">
- <label>Mot de passe</label>
- <input class="au-input au-input--full" type="password" name="password" placeholder="Mot de passe">
- </div>
- <div class="login-checkbox">
- <label>
- <a href="#">Mot de passe oublié?</a>
- </label>
- </div>
- <input class="au-btn au-btn--block au-btn--green m-b-20" value ="CONNEXION" name="submit" type="submit">
- </form>
- </div>
- </div>
- </div>
- </div>
- </div>
- </div>
- <!-- Jquery JS-->
- <script src="vendor/jquery-3.2.1.min.js"></script>
- <!-- Bootstrap JS-->
- <script src="vendor/bootstrap-4.1/popper.min.js"></script>
- <script src="vendor/bootstrap-4.1/bootstrap.min.js"></script>
- <!-- Vendor JS -->
- <script src="vendor/slick/slick.min.js">
- </script>
- <script src="vendor/wow/wow.min.js"></script>
- <script src="vendor/animsition/animsition.min.js"></script>
- <script src="vendor/bootstrap-progressbar/bootstrap-progressbar.min.js">
- </script>
- <script src="vendor/counter-up/jquery.waypoints.min.js"></script>
- <script src="vendor/counter-up/jquery.counterup.min.js">
- </script>
- <script src="vendor/circle-progress/circle-progress.min.js"></script>
- <script src="vendor/perfect-scrollbar/perfect-scrollbar.js"></script>
- <script src="vendor/chartjs/Chart.bundle.min.js"></script>
- <script src="vendor/select2/select2.min.js">
- </script>
- <!-- Main JS-->
- <script src="js/main.js"></script>
- </body>
- </html>
- <!-- end document-->
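The login code above compares an unsalted `sha1()` digest inside the SQL query. The following is an added example, not part of the paste, showing one way to keep existing accounts working while moving them to `password_hash()` on their next successful login. `authenticate_user()` is a hypothetical helper; the `pn_users` table and its `user`, `mail` and `password` columns come from the paste, and the demo rows and in-memory SQLite database are constructed (assumes `pdo_sqlite` is enabled).

```php
<?php
// Added example, not the paste author's code. authenticate_user() is a hypothetical helper.
function authenticate_user(PDO $bdd, string $user, string $password): ?array
{
    // Look the account up by name only; the hash is checked in PHP, not in SQL.
    $req = $bdd->prepare("SELECT user, mail, password FROM pn_users WHERE user = ?");
    $req->execute([$user]);
    $row = $req->fetch(PDO::FETCH_ASSOC);
    if ($row === false) {
        return null;
    }
    $stored = $row['password'];
    // Legacy rows hold a 40-character hex SHA-1 digest, as written by the paste's code.
    $isLegacy = (bool) preg_match('/^[0-9a-f]{40}$/i', $stored);
    $ok = $isLegacy
        ? hash_equals(strtolower($stored), sha1($password))
        : password_verify($password, $stored);
    if (!$ok) {
        return null;
    }
    // Upgrade legacy digests, and outdated password_hash() settings, on successful login.
    if ($isLegacy || password_needs_rehash($stored, PASSWORD_DEFAULT)) {
        $upd = $bdd->prepare("UPDATE pn_users SET password = ? WHERE user = ?");
        $upd->execute([password_hash($password, PASSWORD_DEFAULT), $row['user']]);
    }
    return ['user' => $row['user'], 'mail' => $row['mail']];
}

// Constructed demo data: one account still stored with the legacy SHA-1 digest.
$bdd = new PDO('sqlite::memory:');
$bdd->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$bdd->exec("CREATE TABLE pn_users (user TEXT PRIMARY KEY, mail TEXT, password TEXT)");
$bdd->prepare("INSERT INTO pn_users VALUES (?, ?, ?)")
    ->execute(['alice', 'alice@example.test', sha1('correct horse')]);

var_dump(authenticate_user($bdd, 'alice', 'wrong') === null);          // wrong password
var_dump(authenticate_user($bdd, 'alice', 'correct horse') !== null);  // legacy SHA-1 row
$hash = $bdd->query("SELECT password FROM pn_users")->fetchColumn();
var_dump(password_verify('correct horse', $hash));                     // row after upgrade
var_dump(authenticate_user($bdd, 'alice', 'correct horse') !== null);  // password_hash() row
```

On success, call `session_regenerate_id(true)` before filling `$_SESSION`, and make sure the `password` column can hold the longer `password_hash()` output (the PHP manual recommends 255 characters).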